Add nixfmt-rfc-style to common packages

/home is a nfs mount, which does not support extra filesystem arguments
needed to run podman. We need to have a local home.

m/common/base/env.nix

@@ -5,6 +5,8 @@
     vim wget git htop tmux pciutils tcpdump ripgrep nix-index nixos-option
     nix-diff ipmitool freeipmi ethtool lm_sensors cmake gnumake file tree
     ncdu config.boot.kernelPackages.perf ldns pv
+    nix-output-monitor
+    nixfmt-rfc-style
     # From bsckgs overlay
     osumb
   ];

m/common/base/users.nix

@@ -87,6 +87,12 @@
         openssh.authorizedKeys.keys = [
           "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIIFiqXqt88VuUfyANkZyLJNiuroIITaGlOOTMhVDKjf abonerib@bsc"
         ];
+        shell = pkgs.fish;
+        packages = with pkgs; [
+          starship
+          jujutsu
+          neovim
+        ];
       };
 
       vlopez = {
@@ -154,6 +160,20 @@
           "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIV5LEAII5rfe1hYqDYIIrhb1gOw7RcS1p2mhOTqG+zc pedro@pedro-ThinkPad-P14s-Gen-2a"
         ];
       };
+
+      csiringo = {
+        # Arbitrary UID but large so it doesn't collide with other users on ssfhead.
+        uid = 9653;
+        isNormalUser = true;
+        home = "/home/Computational/csiringo";
+        description = "Cesare Siringo";
+        group = "Computational";
+        hosts = [ "apex" "weasel" ];
+        hashedPassword = "$6$0IsZlju8jFukLlAw$VKm0FUXbS.mVmPm3rcJeizTNU4IM5Nmmy21BvzFL.cQwvlGwFI1YWRQm6gsbd4nbg47mPDvYkr/ar0SlgF6GO1";
+        openssh.authorizedKeys.keys = [
+          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHA65zvvG50iuFEMf+guRwZB65jlGXfGLF4HO+THFaed csiringo@bsc.es"
+        ];
+      };
     };
 
     groups = {

m/fox/configuration.nix

@@ -35,6 +35,16 @@
 
   services.openssh.settings.X11Forwarding = true;
 
+  # Use SSH tunnel to reach internal hosts
+  programs.ssh.extraConfig = ''
+    Host bscpm04.bsc.es gitlab-internal.bsc.es tent
+      ProxyJump raccoon
+    Host raccoon
+      ProxyJump apex
+      HostName 127.0.0.1
+      Port 22022
+  '';
+
   networking = {
     timeServers = [ "ntp1.upc.edu" "ntp2.upc.edu" ];
     hostName = "fox";

m/weasel/configuration.nix

@@ -3,6 +3,7 @@
 {
   imports = [
     ../common/ssf.nix
+    ./virtualization.nix
   ];
 
   # Select this using the ID to avoid mismatches
@@ -14,6 +15,10 @@
   # Users with sudo access
   users.groups.wheel.members = [ "abonerib" "anavarro" ];
 
+  # Run julia installed with juliaup using julia's own libraries:
+  # NIX_LD_LIBRARY_PATH=~/.julia/juliaup/${VERS}/lib/julia ~/.juliaup/bin/julia
+  programs.nix-ld.enable = true;
+
   networking = {
     hostName = "weasel";
     interfaces.eno1.ipv4.addresses = [ {

m/weasel/virtualization.nix

@@ -0,0 +1,40 @@
+{
+  lib,
+  pkgs,
+  config,
+  ...
+}:
+
+{
+  # Enable common container config files in /etc/containers
+  virtualisation.containers.enable = true;
+  virtualisation = {
+    podman = {
+      enable = true;
+
+      # Required for containers under podman-compose to be able to talk to each other.
+      defaultNetwork.settings.dns_enabled = true;
+    };
+  };
+
+  # We cannot use /home since nfs does not support fileattrs needed by podman
+  systemd.tmpfiles.settings = {
+    "podman-users" = lib.mapAttrs' (
+      name: value:
+      lib.nameValuePair ("/var/lib/podman-users/" + name) {
+        d = {
+          group = value.group;
+          mode = value.homeMode;
+          user = name;
+        };
+      }
+    ) (lib.filterAttrs (_: x: x.isNormalUser) config.users.users);
+  };
+
+  # Useful other development tools
+  environment.systemPackages = with pkgs; [
+    dive # look into docker image layers
+    podman-tui # status of containers in the terminal
+    podman-compose # start group of containers for dev
+  ];
+}